Lucene search
GitHub Advisory DatabaseGHSA-J5H9-9R39-43Q5HistoryJan 03, 2024 - 9:30 a.m.
PaddlePaddle command injection in get_online_pass_interval
2024-01-0309:30:33
CWE-78
GitHub Advisory Database
github.com
10
paddlepaddle
command injection
get_online_pass_interval
operating system
arbitrary commands
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.001
Percentile
29.6%
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
Affected configurations
Node
paddlepaddlepaddlepaddleRange<2.6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| paddlepaddle | paddlepaddle | * | cpe:2.3:a:paddlepaddle:paddlepaddle:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-52310 Command injection in get_online_pass_interval
2024-01-03 08:14:55
osv
osv
PaddlePaddle command injection in get_online_pass_interval
2024-01-03 09:30:33
CVE-2023-52310
2024-01-03 09:15:10
cve
cve
CVE-2023-52310
2024-01-03 09:15:10
prion
prion
Command injection
2024-01-03 09:15:00
nvd
nvd
CVE-2023-52310
2024-01-03 09:15:10
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.001
Percentile
29.6%
Related for GHSA-J5H9-9R39-43Q5